Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label European Commission. Show all posts

ENISA’s Biennial Cybersecurity Report Highlights EU Threats and Policy Needs

 

The EU Agency for Cybersecurity (ENISA) has released its inaugural biennial report under the NIS 2 Directive, offering an analysis of cybersecurity maturity and capabilities across the EU. Developed in collaboration with all 27 EU Member States and the European Commission, the report provides evidence-based insights into existing vulnerabilities, strengths, and areas requiring improvement. Juhan Lepassaar, ENISA’s Executive Director, emphasized the importance of readiness in addressing increasing cybersecurity threats, technological advancements, and complex geopolitical dynamics. Lepassaar described the report as a collective effort to bolster security and resilience across the EU.

The findings draw on multiple sources, including the EU Cybersecurity Index, the NIS Investment reports, the Foresight 2030 report, and the ENISA Threat Landscape report. A Union-wide risk assessment identified significant cyber threats, with vulnerabilities actively exploited by threat actors. While Member States share common cybersecurity objectives, variations in critical sector sizes and complexities pose challenges to implementing uniform cybersecurity measures. At the individual level, younger generations have shown improvements in cybersecurity awareness, though disparities persist in the availability and maturity of education programs across Member States.

ENISA has outlined four priority areas for policy enhancement: policy implementation, cyber crisis management, supply chain security, and skills development. The report recommends providing increased financial and technical support to EU bodies and national authorities to ensure consistent implementation of the NIS 2 Directive. Revising the EU Blueprint for managing large-scale cyber incidents is also suggested, aiming to align with evolving policies and improve resilience. Tackling the cybersecurity skills gap is a key focus, with plans to establish a unified EU training framework, evaluate future skills needs, and introduce a European attestation scheme for cybersecurity qualifications.

Additionally, the report highlights the need for a coordinated EU-wide risk assessment framework to address supply chain vulnerabilities and improve preparedness in specific sectors. Proposed mechanisms, such as the Cybersecurity Emergency Mechanism under the Cyber Solidarity Act, aim to strengthen collective resilience.

Looking to the future, ENISA anticipates increased policy attention on emerging technologies, including Artificial Intelligence (AI) and Post-Quantum Cryptography. While the EU’s cybersecurity framework provides a solid foundation, evolving threats and expanding roles for authorities present ongoing challenges. To address these, ENISA underscores the importance of enhancing situational awareness and operational cooperation, ensuring the EU remains resilient and competitive in addressing cybersecurity challenges.

EU Data Centers to Report Energy and Water Use Under New Rules

 

The European Union is poised to take a significant step toward regulating energy and water use in data centers. Beginning in September, all organizations operating data centers within EU nations will be required to file detailed reports on their water and energy consumption. Additionally, these organizations must outline the measures they are taking to reduce their environmental footprint. 

Data centers have been specifically targeted because they account for an estimated 2% to 3% of the total energy consumption in the EU. The increasing demand for data processing power, driven largely by the rise of AI technologies, is a major factor behind this significant energy use. Ermengarde Jabir, a senior economist at Moody’s, highlights the immense power requirements of data center hubs within the EU. 

For instance, data centers in Amsterdam demand approximately 950 megawatts of energy capacity, while those in Dublin require over 700 megawatts. Similarly, data centers in Paris and Frankfurt have comparable energy needs to Dublin. To put this in perspective, 1 megawatt of power is sufficient to power between 750 to 1,000 homes for an entire year. Notably, the world’s largest data center hub, located in northern Virginia, has a staggering capacity of 4,500 megawatts. 

The EU's new reporting rules, along with any subsequent regulations aimed at reducing energy consumption, currently apply only to data centers within EU member states. However, EU environmental regulations often serve as a model for other regions, with the notable exception of North America, according to Cándido García Molyneux, an environmental lawyer based in Brussels with the law firm Covington & Burling. “When the EU adopts these reporting requirements, it is very likely that many other countries will follow suit,” Molyneux explains. He also notes that nations aspiring to join the EU or engage in trade with the EU may need to comply with these energy regulations. 

Moreover, the EU has already implemented government procurement regulations focused on energy efficiency. Companies providing cloud or web-based services to EU residents and businesses from data centers outside the EU might also face future energy use regulations. The EU’s drive to reduce energy consumption is motivated by several factors, including the desire to phase out fossil fuels and decrease dependence on foreign energy sources, according to Moody’s Jabir. 

Although efforts to reduce energy consumption began before the conflict in Ukraine, the war has intensified the EU's resolve to cut imports of Russian oil, gas, and coal. The introduction of energy and water use reporting rules marks an early step toward broader regulation. While some energy experts believe most data center operators are prepared to comply, Molyneux anticipates challenges for certain operators. Smaller data center operators might not be aware of the new rules, and others could struggle to gather the required information in time. 

In summary, the EU’s new reporting requirements for data centers represent a crucial move toward greater transparency and accountability in energy and water use. By enforcing these regulations, the EU aims to achieve substantial reductions in energy consumption, contributing to broader environmental and sustainability goals.

European Union to Block Amazon’s Acquisition Over iRobot


Amazon.com Inc. has recently proposed a takeover of the Roomba manufacturers iRobot Corp. This proposal is expected to be blocked by the European Union’s antitrust regulators, as they share their concerns that this will have an adverse impact on other robot vacuum makers. 

At a meeting with European Commission officials on Thursday, the e-commerce behemoth was informed that the transaction would probably be denied, according to sources familiar with the situation. The political leadership of the EU must still formally approve a final decision, which is required by February 14.  Meanwhile, Amazon declined to comment on the issue. 

On Friday, iRobot’s shares, based in Bedford, Massachusetts, fell as much as 31% to $16.30, expanding the deal spread to over $35, the greatest since the merger was disclosed more than a year ago.

Regulators believe that other vacuum manufacturers may find it more difficult to compete as a result of iRobot's partnership with Amazon, particularly if Amazon decides to give Roomba advantages over competitors on its online store.

There will probably be opposition to the deal in the US as well. People with an insight into the situation claim that the Federal Trade Commission has been preparing a lawsuit to try and stop the transaction. According to persons speaking about an ongoing investigation, the three FTC commissioners have yet to vote on a challenge or hold a final meeting with Amazon to discuss the possible case.

The investigation over Amazon’s acquisition of iRobot was initiated in July 2023 by the European Commission (EC), the EU’s competition watchdog. 

The EC has until February 14 to make a decision. The commission's 27 most powerful political members must agree to reject the proposal before the EC can make a final decision. 

While iRobot was all set to expand its business in the market of smart home appliances, it witnessed a 40% dip in its shares a few hours after the first reporting of the EU’s intentions in the Wall Street Journal. 

Given that the company has been struggling with declining revenues, the acquisition by Amazon was initially viewed as a boon.

In regards to the situation, Matt Schruers, president of tech lobbying group Computer and Communications Industry Association comments that "If the objective is to have more competition in the home robotics sector, this makes no sense[…]Blocking this deal may well leave consumers with fewer options, and regulators cannot sweep that fact under the rug."  

YouTube Faces Struggle from EU Regulators for Dropping Use of Ad Blockers


Alexander Hanff, a privacy activist is suing the European Commission, claiming that YouTube’s new ad blocker detection violates European law. 

In response to the Hanff’s claims to the European Commission, German Pirate Party MEP asked for a legal position on two key issues: whether this type of detection is "absolutely necessary to provide a service such as YouTube" and whether "protection of information stored on the device (Article 5(3) ePR) also cover information as to whether the user's device hides or blocks certain page elements, or whether ad-blocking software is used on the device."

YouTube’s New Policy 

Recently, YouTube has made it mandatory for users to cease using ad blockers or else they will receive notifications that may potentially prevent them from accessing any material on the platform. The majority of nations will abide by the new regulations, which YouTube claims are intended to increase revenue for creators.

However, the reasons that the company provides are not likely to hold up in Europe. Experts in privacy have noted that YouTube's demand to allow advertisements to run for free users is against EU legislation. Since it can now identify users who have installed ad blockers to avoid seeing advertisements on the site, YouTube has really been accused of spying on its customers.

EU regulators has already warned tech giants like Google and Apple. Now, YouTube is the next platform that could face lengthy legal battles with the authorities as it attempts to defend the methods used to identify these blocks and compel free YouTube viewers to watch advertisements regularly in between videos. Google and other digital behemoths like Apple have previously faced the wrath of EU regulators. Due to YouTube's decision to show adverts for free users, many have uninstalled ad blockers from their browsers as a result of these developments.

According to experts, YouTube along with violating the digital laws, is also violating certain Fundamental consumer rights. Thus, it is likely that the company would have to change its position in the area if the platform is found to be in violation of the law with its anti-ad blocker regulations. This is something that Meta was recently forced to do with Instagram and Facebook.

The social networking giant has further decided on the policy that if its users (Facebook and Instagram) do not want to see ads while browsing the platforms, they will be required to sign up for its monthly subscriptions, where the platforms are free from advertisements.  

Microsoft to Roll Out “Data Boundary” for its EU Customers from Jan 1


According to the latest announcement made by Microsoft Corp on Thursday, its cloud customers of the European Union will finally be able to process and store chunks of their data in the region, starting from January 1. 

This phased rollout of its “EU data boundary” will apparently be applied to all of its core cloud services - Azure, Microsoft 365, Dynamics 365 and Power BI platform. 

Since the introduction of General Data Protection Regulation (GDPR) by the EU IN 2018, that protects user privacy, business giants have grown increasingly anxious of the international flow of consumer data. 

The European Commission, which serves as the executive arm of the EU, is developing ideas in order to safeguard the privacy of the European customers whose data is being transferred to the United States. 

"As we dived deeper into this project, we learned that we needed to be taken more phased approach," says Microsoft’s Chief Privacy Officer Julie Brill. “The first phase will be customer data. And then as we move into the next phases, we will be moving logging data, service data and other kind of data into the boundary.” 

The second phase will reportedly be completed by the end of 2023, while the third in year 2024, she added. 

Microsoft runs more than a dozen datacenters throughout the European countries, like France, Germany, Spain and Switzerland. 

Data storage, for large corporation, have become so vast and is distributed across so many different countries that it has now become a challenge to understand where their data is stored and whether it complies with regulations like GDPR. 

"We are creating this solution to make our customers feel more confident and to be able to have clear conversations with their regulators on where their data is being processed as well as stored," says Brill. 

Moreover, Microsoft has previously mentioned how it would eventually challenge government request for customer data, and that it would compensate financially to any customer, whose data it shared in breach of GDPR.  

The European Commission added VKontakte and Telegram to the list of pirate sites

VKontakte is surprised by the decision of the European Commission to include the social network in the list of resources that contribute to online piracy, the company has been interacting with copyright holders for many years and quickly restricts access to controversial content

The European Commission has published a new list of resources that promote piracy and can benefit from it. The list for the first time included the Telegram messenger and the social network VKontakte.

The list is formed on the basis of reports from groups of right holders. According to the European Commission, Telegram users, including using public channels, "exchange illegal content, in particular music, books, news publications, films and TV programs." In addition, subscribers share links to other sites that host pirated content.

The social network "VKontakte" is also included in the list due to many complaints from copyright holders. Users of the social network can have unauthorized access to books, as well as to movies and TV shows, in particular through the built-in video players.

Both Telegram and VKontakte objected to their inclusion in the"piracy watch list". Telegram told the European Commission that it "does not tolerate any malicious content on its platform" and removes it within 24 hours. VKontakte also noted that it is fighting piracy. In particular, the social network indicated that the copyright holder can complain about copyright infringement through an electronic form. According to VKontakte, its employees processed more than 1.36 million such complaints, most of which ended with the removal of content.

"We are surprised by the inclusion of VKontakte in this list, as for many years we have been actively interacting with copyright holders in various areas," said the press service of the social network.

According to them, the company signed agreements with the world's largest copyright holders of music products, including Universal Music, Sony Music, and Warner Music, The Orchard, Merlin Network, Believe Digital.